﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;

public partial class Student_ChangePassword : System.Web.UI.Page
{
    SqlConnection connChange;
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["Student"] == null)
        {
            Response.Redirect("~/Default.aspx");
        }
        else
        {
            display(Session["Student"].ToString());
        }
    }

    protected void display(string user)
    {
        connChange = new SqlConnection();
        connChange.ConnectionString = ConfigurationManager.ConnectionStrings["Institte_of_Fine_ArtsConnectionString"].ConnectionString;
        connChange.Open();
        string str = "select Firstname from Student where StudentID ='" + user + "'";
        SqlCommand cmdDisplay = new SqlCommand(str, connChange);
        SqlDataReader daDisplay = cmdDisplay.ExecuteReader();
        if (daDisplay.HasRows)
        {
            daDisplay.Read();
            bUser.Text = daDisplay.GetString(0);
        }
    }

    protected void ckeckChange(string ID, string olpass, string newpass)
    {
        lbError.Text = "";
        string CommandString = "Select * from Student where StudentID ='" + ID + "'";
        string UpdatePassword = " Update Student set Password = '" + newpass + "' Where StudentID = '" + ID + "'";
        SqlConnection connChange = new SqlConnection();
        connChange.ConnectionString = ConfigurationManager.ConnectionStrings["Institte_of_Fine_ArtsConnectionString"].ConnectionString;
        connChange.Open();
        SqlCommand cmdChange = new SqlCommand(CommandString, connChange);
        SqlDataAdapter daChange = new SqlDataAdapter(cmdChange);
        DataTable dtChange = new DataTable();
        daChange.Fill(dtChange);
        if ((dtChange.Rows.Count == 0 || dtChange.Rows[0][2].ToString() == olpass))
        {
            lbError.Text = "Old Password not true!!!";
        }
        else
        {
            SqlCommand cmdUpdateChange = new SqlCommand(UpdatePassword, connChange);
            cmdUpdateChange.ExecuteNonQuery();
            lbError.Text = "Change Password complete !!!!";
        }
        connChange.Close();

    }
    protected void btSubmit_Click(object sender, EventArgs e)
    {
        if (txtOldPassword.Text == "")
        {
            lbError.Text = "Old Password not null";
        }
        else
        {
            if (txtNewPassword.Text == "")
            {
                lbError.Text = "New Password not null!!";
            }
            else
            {
                if (txtNewPassword.Text.Length < 6)
                {
                    lbError.Text = "Password is 6 to 32 character!!!";
                }
                else
                {
                    if (txtConfirm.Text != txtNewPassword.Text)
                    {
                        lbError.Text = "Confirm password not true!!";
                    }
                    else
                    {
                        string ID = (string)Session["Student"];
                        string olpass = txtOldPassword.Text;
                        string newpass = txtNewPassword.Text;
                        ckeckChange(ID, olpass, newpass);
                    }
                }
            }
        }
    }
    protected void btCancel_Click1(object sender, EventArgs e)
    {
        lbError.Text = "";
        txtOldPassword.Text = "";
        txtNewPassword.Text = "";
        txtConfirm.Text = "";
        txtOldPassword.Focus();
    }
}